Vulnerabilities > Connectize

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-04	CVE-2023-24046	Command Injection vulnerability in Connectize Ac21000 G6 Firmware 641.139.1.1256 An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary commands via use of a crafted string in the ping utility. low complexity connectize CWE-77	6.8
2023-12-04	CVE-2023-24047	Insufficiently Protected Credentials vulnerability in Connectize Ac21000 G6 Firmware 641.139.1.1256 An Insecure Credential Management issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges via use of weak hashing algorithm. low complexity connectize CWE-522	6.8
2023-12-04	CVE-2023-24048	Cross-Site Request Forgery (CSRF) vulnerability in Connectize Ac21000 G6 Firmware 641.139.1.1256 Cross Site Request Forgery (CSRF) vulnerability in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain control of the device via crafted GET request to /man_password.htm. network low complexity connectize CWE-352	8.8
2023-12-04	CVE-2023-24049	Weak Password Requirements vulnerability in Connectize Ac21000 G6 Firmware 641.139.1.1256 An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges on the device via poor credential management. network low complexity connectize CWE-521 critical	9.8
2023-12-04	CVE-2023-24050	Cross-site Scripting vulnerability in Connectize Ac21000 G6 Firmware 641.139.1.1256 Cross Site Scripting (XSS) vulnerability in Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary code via crafted string when setting the Wi-Fi password in the admin panel. network low complexity connectize CWE-79	5.4
2023-12-04	CVE-2023-24051	Improper Restriction of Excessive Authentication Attempts vulnerability in Connectize Ac21000 G6 Firmware 641.139.1.1256 A client side rate limit issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges via brute force style attacks. network low complexity connectize CWE-307 critical	9.8
2023-12-04	CVE-2023-24052	Unspecified vulnerability in Connectize Ac21000 G6 Firmware 641.139.1.1256 An issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain control of the device via the change password functionality as it does not prompt for the current password. network low complexity connectize critical	9.8

Vulnerabilities > Connectize {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Connectize"}]}

Vulnerabilities > Connectize